package com.turbo.cloud.core.security.utils;

import cn.hutool.core.util.StrUtil;
import com.turbo.cloud.core.exception.ForbiddenException;
import com.turbo.cloud.core.security.authentication.AdminUser;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

/**
 * 获取当前登录用户
 *
 * @author zhangluning
 */
@Slf4j
public class SecurityUtil {
    /**
     * 获取当前登录用户
     */
    public static String getCurrentUserName() {
        try {
            return Objects.requireNonNull(getCurrentUser()).getUsername();
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 获取当前登录用户ID
     */
    public static String getCurrentUserId() {
        try {
            return Objects.requireNonNull(getCurrentUser()).getId();
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 获取当登录用户所属系统ID
     */
    public static String getCurrentSystemId() {
        try {
            return Objects.requireNonNull(getCurrentUser()).getSystemId();
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 获取当登录用户角色ID集合
     */
    public static List<String> getCurrentUserRoleIds() {
        try {
            return Objects.requireNonNull(getCurrentUser()).getRoleIds();
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 获取当登录用户权限ID集合
     */
    public static List<String> getCurrentUserPermissions() {
        try {
            return Objects.requireNonNull(getCurrentUser()).getPermissionIds();
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 获取当前登录用户信息
     */
    public static AdminUser getCurrentUser() {
        try {
            SecurityContext securityContext = SecurityContextHolder.getContext();
            UsernamePasswordAuthenticationToken authentication = (UsernamePasswordAuthenticationToken) securityContext.getAuthentication();
            AdminUser umsUserVo = (AdminUser) authentication.getPrincipal();
            if (Objects.nonNull(umsUserVo)) {
                return umsUserVo;
            }
            return null;
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }

    /**
     * 设置当前登录用户信息
     */
    public static void setCurrentUser(HttpServletRequest request, AdminUser adminUser) {
        try {
            List<SimpleGrantedAuthority> authorities = adminUser.getRoleIds().stream().filter(StrUtil::isNotBlank).map(SimpleGrantedAuthority::new).collect(Collectors.toList());
            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(adminUser, null, authorities);
            authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
            SecurityContextHolder.getContext().setAuthentication(authentication);
        } catch (Exception e) {
            throw new ForbiddenException("访问权限受限或已过期(403)");
        }
    }
}
